njrat | 424b1800061eb3534756eada61219882687a8f99d206d300ba7e4696066aaac8 | Triage

Submit
Reports

Overview

overview

Static

static

5

424b180006...c8.exe

windows7_x64

424b180006...c8.exe

windows10_x64

Sharing

General

Target

424b1800061eb3534756eada61219882687a8f99d206d300ba7e4696066aaac8
Size

1009KB
Sample

210922-qk4vmsfcfn
MD5

dd50c188aabc9e550fc221de015ddb55
SHA1

068aa881159f72c4454f44f32fb754fc5b88f688
SHA256

424b1800061eb3534756eada61219882687a8f99d206d300ba7e4696066aaac8
SHA512

b63b109c27987c3b873c378707eb983c60b782e7e9a2ec0dafac7130ef17da0c034698aaa025cd6103cc5ba6e6fb4e13240a20c773fb2e7a981eef276e406b36

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

424b1800061eb3534756eada61219882687a8f99d206d300ba7e4696066aaac8.exe

Resource

win7-en-20210920

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

424b1800061eb3534756eada61219882687a8f99d206d300ba7e4696066aaac8.exe

Resource

win10-en-20210920

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  424b1800061eb3534756eada61219882687a8f99d206d300ba7e4696066aaac8
- Size
  
  1009KB
- MD5
  
  dd50c188aabc9e550fc221de015ddb55
- SHA1
  
  068aa881159f72c4454f44f32fb754fc5b88f688
- SHA256
  
  424b1800061eb3534756eada61219882687a8f99d206d300ba7e4696066aaac8
- SHA512
  
  b63b109c27987c3b873c378707eb983c60b782e7e9a2ec0dafac7130ef17da0c034698aaa025cd6103cc5ba6e6fb4e13240a20c773fb2e7a981eef276e406b36
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy